Best Practices? SvelteKit5, Kinde, Server To Server Auth, Python as backend resource
Hi all,
I am hoping you can give me a few pointers! First, I am using sveltekit5 and the Convex sveltekit libraries - I believe I have that working ok - has anyone else used this for a production project considering Sveltkit5 is in early release? Does Convex work on SvelteKit4?
Second, I am using Kinde for authentication. I have that working perfectly for my sveltekit project, but the callbacks are against local api routes within the project. How do I pass this back to Convex so Convex recognizes the authentication? I've started doing some goofy things that just feel wrong such as passing the token in the request body to Convex in order to see who the user is.
Third, I am making an LLM workflow app, but a lot of my workload is in python leveraging things like DSPY running on its own server. I have a functional prototype where I trigger my python workflow via REST API from Convex, my python funcions do their things, and they write mutations back to Convex using the python library... a few things popped out at me: 1) I am writing a ton of mutations, is this going to blow up my bill? Is there a better way? 2) I feel like my authentication is non-existent between my python project and my typescript project - if it has the correct environment variables, it can do anything.
I am a development team of 1 - I have been at this for 20 years or so, but I have to admit, I've always worked on backend solutions and am stretching myself to learn the frontend world. AI helps, but I feel like I could use a code review. Are there professional consulting services connected to Convex that could help me know if I am leveraging the platform correctly?
I'll end with what I love about Convex: ROCK SOLID STATE MANAGEMENT. It's a must for multi-agent, complex, LLM Agent platforms. Thanks and please feel free to tell me to RTFM. ๐
2 Replies
Thanks for posting in <#1088161997662724167>.
Reminder: If you have a Convex Pro account, use the Convex Dashboard to file support tickets.
- Provide context: What are you trying to achieve, what is the end-user interaction, what are you seeing? (full error message, command output, etc.)
- Use search.convex.dev to search Docs, Stack, and Discord all at once.
- Additionally, you can post your questions in the Convex Community's <#1228095053885476985> channel to receive a response from AI.
- Avoid tagging staff unless specifically instructed.
Thank you!
1. The Svelte Convex library does not work with Svelte 4, but if you roll your own client code the ConvexClient should work anywhere, including with Svelte 4.
2. Passing the token into a Convex function isn't ridiculous, lots of times this makes sense so that you can use that JWT to make other requests โย but it's also useful to set up authentication in Convex so that you can use
ctx.auth.getUserIdentity() for autentication. Unless you validate the JWTs you send in manually this is pretty important, otherwise you don't know who a user is so it's difficult to have secure endpoints. We dont' have an official Kinde integration but it's not bad, here's an example when the Kinde team proposed an integration: https://github.com/get-convex/convex-js/pull/5
We decided to keep auth integrations out of the core convex library so that we didn't reack up dozens of optional peer dependencies that could cause dependency resolution issues, but we absolutely intend to support these are third party integrations or recipes.
3. re blowing up your bill with mutations, what is a ton? You can do a bit of math with the pricing page. Does a single user interaction trigger dozens, hundreds, or thousands of mutations? 3.2 re authentication, using a shared secret sounds pretty good, if you need something else let's talk about it, but for server to service auth a shared secret is essentially an API token. If you want you could securely hash+salt the token and use that instead, we should talk about your threat model. A shared secret might be fine.
Let's chat re consulting services; we might know some people interested, and we can chat a bit. Send an email to support and we might be able to help out here.Class: ConvexClient | Convex Developer Hub
browser.ConvexClient
GitHub
feat: kinde auth for convex by umuthopeyildirim ยท Pull Request #5 ยท...
This pull request introduces support for Kinde Auth in the Convex application. A significant portion of the implementation was adapted from the existing 0Auth integration, with adjustments made to ...